certs

package
v0.0.0-...-3ebabb1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 9, 2025 License: Apache-2.0 Imports: 6 Imported by: 48

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ServiceCerts

type ServiceCerts struct {
	ServiceKeyPair *tls.Certificate
	RootCACert     *x509.Certificate
}

ServiceCerts contains the key pair the service should use, along with the CA cert to use for verifying clients

func ServiceCertsFromBytes

func ServiceCertsFromBytes(serviceCertData, serviceKeyData, rootCertData []byte) (*ServiceCerts, error)

func (*ServiceCerts) NewCertPool

func (serviceCerts *ServiceCerts) NewCertPool() *x509.CertPool

NewCertPool returns a x509.CertPool configured with the ServiceCerts' root ca

type TLSConfig

type TLSConfig struct {
	CertPath       string `json:"cert_path" toml:"cert_path" mapstructure:"cert_path"`
	KeyPath        string `json:"key_path" toml:"key_path" mapstructure:"key_path"`
	RootCACertPath string `json:"root_ca_path" toml:"root_ca_path" mapstructure:"root_ca_path"`
}

TLSConfig is the on-disk paths to the service cert, service key, and root CA cert. It represents the TLS config that every service needs to supply a configuration interface for, in order to use mutual TLS

Tags are provided for JSON and TOML, which allows configuration to be automatically unmarshaled from these formats plus YAML when using https://github.com/ghodss/yaml

Example (TOML)

type YourConfig struct {
	MyOpt	string `toml:"toml_key"`
	TLSConfig	`toml:"tls"`
}

Example (YAML via /ghodss/yaml)

	type YourConfig struct {
  	MyOpt	string `json:"json_key"`
		TLSConfig	`json:"tls"`
	}

func (*TLSConfig) FixupRelativeTLSPaths

func (config *TLSConfig) FixupRelativeTLSPaths(configFilePath string)

In config files, paths to TLSConfig members are relative to the file, not CWD; we need to adjust the paths before we can pass them to a call like file.Open.

func (*TLSConfig) ReadCerts

func (config *TLSConfig) ReadCerts() (*ServiceCerts, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL